we have a design office full of macs, but we want to achieve a robust user arquitecture, we're thinking in using windows server active directory for this task.
Is it possible to connect macosx machines to a windows server domain and user its login features and group features and permissions for file server?
Is it an easy task?
Thank you so much
It should be possible to have client machines connect to an Active Directory server. Go to System Preferences » Users and groups and select Login. At the bottom of that preference pane where is an option to connect to a directory server.
No idea how easy it will be to setup. I'm on OS X Lion by the way.
Related
I have a client who uses Firefox as their primary browser. We have enabled folder redirection for their Desktop and Documents folders via GPO and I was hoping to do the same with their Firefox bookmarks as all users have a desktop and access to a Windows 2008 R2 RDS session for remote access and a few have laptops.
I understand there's 2 ways to do this:
Enabled Firefox sync. My issue with this is it's all user-driven. They have to sign up for it, manage their password, enable it when using on other machines, etc...
Turn on the Appdata\Roaming folder redirection GPO. However, I've read on several different forums that this can cause issues for various applications, most commonly Adobe Reader, so I'd like to avoid it if possible
Does anyone know of another reliable server-side policy to enable syncing of Firefox bookmarks between multiple machines for users in an AD environment?
Thanks for any insight you may have.
You could sync the AppData\Roaming\Mozilla\Firefox directory, if that's an option in GPO.
Otherwise, you could place the Firefox profile folder in a directory that gets synchronized (like Documents), instead of in its default location, and then set up Firefox on each computer (using the Profile Manager) so it looks in that directory for its profile.
http://kb.mozillazine.org/Profile_folder_-_Firefox
I just installed Remote Server Administrative Tools (RSAT) on windows 7, and turned features on as mentioned in the installation guide. Now the Administrative Tools have been installed and successfully listed in the All Programs list of start menu.
I want to set up a local network. I want to create users/passwords, and give them access to shared drives with permissions, etc.
My questions is:
How do I configure the Active Directory in windows 7 for the first time?
RSAT is to remotely manage an Active Directory environment. It's not for creating an AD environment.
If you want to create an AD environment, you need Windows Server (2003/2008/2012) and install the 'Active Directory Domain Services' or 'Active Directory Lightweight Directory Services' role. There are instructions online on how to do that.
I am working in a mixed environment of Mac OS and Windows machines, which the domain controller is Open Directory served by a Mac server. Actually, Mac and Windows both are installed on every machine and could be selected on boot time.
As a longtime problem, we could not join Windows 7 users to Open Directory domain. That's why I decided to setup an Active Directory server for Windows users and leave Open Directory for Mac users. Then the next problem was we must have each user twice in both Open Directory and Active Directory.
My question is: Is there a way to configure AD to relay its authentication requests to OD user database, and also load home directories from a shared point on the network?
An Open Directory can be used as PDC or a BDC and yes you can replicate active directory into your Open Directory server. once that is said, setting up a new Open Directory BDC is not a question of two lines of code. I'll suggest you to read the following:
http://manuals.info.apple.com/MANUALS/1000/MA1180/en_US/OpenDirAdmin_v10.6.pdf
you may find more than you are looking for. :)
I want to deploy a dmg on Mac OSX and higher. It should not need admin privileges to install the application to the application folder of the system. Is this possible?
Thanks in advance. :)
I don't think dmg is the word you are looking for. If it is an app, you can typically just drag the app to the Applications folder.
If you're trying to install something that requires admin privileges and you are physically at the computer, you will need to boot into single user mode with Command-S. From single user mode, you are the root user and can do whatever you choose.
I have successfully captured an image using sysprep and can provision new machines from it, however all the custom user settings are missing (desktop shortcuts, chrome bookmarks etc...).
A more serious issue is that one of the applications I had installed fails on the provisioned machine unless run as administrator (due to the way it writes some files when being installed originally).
How can I ensure this profile information is preserved and I don't hit the permissions issue for the application?
I have been pointed at the following link (http://theitbros.com/sysprep-xp-sp3-copy-administrator-profile/) but it seems to be Win XP specific.
Profile information can be migrated to a new deployment using the User State Migration Tool (USMT). USMT is a free tool designed to help IT Professionals migrate files and settings to Windows 7 or Windows 8. USMT captures user accounts, user files, operating system settings, and applications settings and then migrates them to the new Windows installation. The TechNet articles ‘Step-by-Step: Basic Windows Migration using USMT for IT Professionals’ and ‘User State Migration Tool 4.0 User’s Guide’ are good places to start learning how to use USMT.
For your application issue, I would recommend using the Microsoft Deployment Toolkit (MDT) for your deployments. MDT can deploy your image and then install device drivers and applications to the machine automatically. These two video walkthroughs are specific to migrating from Windows XP to Windows 7 with MDT, and using USMT to migrate the user files and settings:
Part 1: Building the Deployment Environment
Part 2: Initiating the Install and Migrating the PC
There is also a Microsoft Virtual Academy 7 part course titled ‘Migrating from Windows XP to Windows 7’ that has two parts dedicated to using USMT to transfer user data and one part for MDT.
MDT can be downloaded here, and USMT is a part of the ADK which is a component of MDT.
Hope this helps,
The answer here wasn't very elegant (in my mind at least) but here is what I did to achieve the desired result:
Create the VM as usual (specifying the admin user during setup)
Create a new (non-admin) user and give them RDP access
Log in as the non-admin user
Install all the necessary software
Log in as the admin user, change the permissions for any files that were causing an issue to be readable by the non-admin user
Run sysprep as the admin and complete the process as detailed elsewhere
This gave me an image that I was able to provision VMs from. When creating the VM I specified the admin user to be created (but then never needed to login as the admin, as I would just login as my non-admin user that was created before). All profile settings for the non-admin user are preserved.
Hope this helps anyone else facing the same issue.